/*
 *    Copyright (c) 2018-2025, shenghua All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 * Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * Neither the name of the pig4cloud.com developer nor the names of its
 * contributors may be used to endorse or promote products derived from
 * this software without specific prior written permission.
 * Author: shenghua
 */

package com.chen.common.security.utils;

import cn.hutool.core.util.StrUtil;
import com.chen.common.security.info.UserInfo;
import lombok.experimental.UtilityClass;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;

import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.List;

/**
 * 安全工具类
 *
 * @author L.cm
 */
@UtilityClass
public class SecurityUtils {

	/**
	 * 获取Authentication
	 */
	public Authentication getAuthentication() {
		return SecurityContextHolder.getContext().getAuthentication();
	}

	/**
	 * 获取用户
	 *
	 * @param authentication
	 * @return ShenghuaUser
	 * <p>
	 */
	public UserInfo getUser(Authentication authentication) {
		if (authentication == null) {
			return null;
		}
		Object principal = authentication.getPrincipal();
		if (principal instanceof UserInfo) {
			return (UserInfo) principal;
		}
		return null;
	}

	/**
	 * 获取用户
	 */
	public UserInfo getUser() {
		Authentication authentication = getAuthentication();
		return getUser(authentication);
	}

	/**
	 * 获取用户角色信息
	 *
	 * @return 角色集合
	 */
	public List<Integer> getRoles() {
		Authentication authentication = getAuthentication();
		Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();

		List<Integer> roleIds = new ArrayList<>();
		authorities.stream().filter(granted -> StrUtil.startWith(granted.getAuthority(), "ROLE_"))
				.forEach(granted -> {
					String id = StrUtil.removePrefix(granted.getAuthority(), "ROLE_");
					roleIds.add(Integer.parseInt(id));
				});
		return roleIds;
	}


	public static String extractHeaderToken(HttpServletRequest request) {
		Enumeration<String> headers = request.getHeaders("Authorization");
		// typically there is only one (most servers enforce that)
		while (headers.hasMoreElements()) {
			String value = headers.nextElement();
			if ((value.toLowerCase().startsWith(OAuth2AccessToken.BEARER_TYPE.toLowerCase()))) {
				String authHeaderValue = value.substring(OAuth2AccessToken.BEARER_TYPE.length()).trim();
				int commaIndex = authHeaderValue.indexOf(',');
				if (commaIndex > 0) {
					authHeaderValue = authHeaderValue.substring(0, commaIndex);
				}
				return authHeaderValue;
			}
		}

		return null;
	}

//	/**
//	 * 解析JWT
//	 */
//	public Claims getClaims() {
//		Authentication authentication = getAuthentication();
//		if (authentication == null){
//			return null;
//		}
//
//		OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails();
//		String jwtToken = details.getTokenValue();
//		return analysisJwtToken(jwtToken);
//	}
//	/**
//	 * 解析jwtToken
//	 * @param jwtToken jwtToken
//	 * @return Claims
//	 */
//	public Claims analysisJwtToken(String jwtToken){
//		SigningKeyConfig signingKeyConfig = SpringContextHolder.getBean(SigningKeyConfig.class);
//		return Jwts.parser()
//				.setSigningKey(signingKeyConfig.getSigningKey().getBytes(StandardCharsets.UTF_8))
//				.parseClaimsJws(jwtToken)
//				.getBody();
//	}
}
